Adobe investigates alleged customer data breach

Executive Summary:

On Tuesday, November 13th, a European hacker claimed to have broken into an Adobe database holding more than 150,000 credentials and to have extracted 230 of them. The 230 records include full names, titles, organizations, email addresses, usernames and hashed passwords. Sources say the records belong to individuals within government agencies. Although the 230 records posted on the hacker's wiki contained MD5 hashes rather than plaintext passwords, MD5 is a fast hash, and without a per-user salt and key stretching any freely available password-cracking tool can recover most of the underlying passwords by dictionary or brute-force attack.

Given the claimed intrusion, Adobe is investigating the breach and the possibility that other attackers can reach the same database. Adobe also warns that because users tend to reuse the same usernames and passwords across sites, the stolen credentials could let attackers log in to accounts and retrieve confidential information held elsewhere.

Analysis:

This breach exposes several weaknesses that serve as lessons for the future. First, even setting aside the unreported vulnerability that gave the attacker access to the database, storing passwords as MD5 hashes is a weak practice that companies should not follow. MD5 is one of the earliest widely used hash functions, produces only a 128-bit digest, and has known collision attacks; more importantly for password storage, it is extremely fast to compute, so an attacker can test billions of guesses per second against a dump. Companies should move to a newer function from the SHA-2 family, for which no collisions have been found, but for passwords specifically even SHA-2 must be combined with a per-user salt and a deliberately slow, iterated construction such as PBKDF2, bcrypt or scrypt, so that each guess costs the attacker as much as it costs the server. It is surprising that a company that prides itself on up-to-date software would use an out-of-date hashing method.
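The following is an added example, not code from the original post or from Adobe, that shows concretely why a fast, unsalted hash is so easy to crack and what a salted, iterated alternative changes. The accounts, passwords and wordlist are constructed for the demonstration; the dump is a stand-in for the kind of MD5 records described above, not the leaked data.

```python
import hashlib
import hmac
import os

# Constructed sample dump of unsalted MD5 hashes, standing in for the kind of
# records described above. Addresses and passwords are invented for this example.
LEAKED_MD5 = {
    "alice@example.gov": hashlib.md5(b"password123").hexdigest(),
    "bob@example.gov": hashlib.md5(b"letmein").hexdigest(),
    "carol@example.gov": hashlib.md5(b"Tr0ub4dor&3").hexdigest(),  # not in the wordlist
}

# A toy wordlist; real attacks use lists with hundreds of millions of entries.
WORDLIST = ["123456", "password", "letmein", "qwerty", "password123", "adobe123"]


def crack_unsalted_md5(hashes, wordlist):
    """Dictionary attack on unsalted MD5.

    Because there is no salt, one MD5 computation per candidate word tests that
    word against every account in the dump at once. Returns (found, work) where
    found maps user -> recovered password and work is the number of hashes computed.
    """
    lookup = {hashlib.md5(w.encode()).hexdigest(): w for w in wordlist}
    found = {user: lookup[h] for user, h in hashes.items() if h in lookup}
    return found, len(wordlist)


def hash_password(password, salt=None, iterations=600_000):
    """Salted, iterated PBKDF2-HMAC-SHA256: the kind of construction to use instead
    of a bare MD5 or SHA-2 digest. 600,000 iterations follows current OWASP guidance."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, dk


def verify_password(password, salt, iterations, dk):
    """Recompute the digest and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, dk)


def build_salted_records(plaintexts, iterations=600_000):
    """Turn constructed plaintexts into per-user (salt, iterations, digest) records."""
    return {user: hash_password(pw, iterations=iterations) for user, pw in plaintexts.items()}


def crack_salted(records, wordlist):
    """Same dictionary attack against salted, iterated hashes.

    Every guess must be recomputed for every user (the salts differ), and each
    computation costs `iterations` HMAC calls, so the work multiplies instead of
    being shared across the whole dump. Returns (found, work).
    """
    found, work = {}, 0
    for user, (salt, iters, dk) in records.items():
        for w in wordlist:
            work += 1
            if verify_password(w, salt, iters, dk):
                found[user] = w
                break
    return found, work


if __name__ == "__main__":
    found, work = crack_unsalted_md5(LEAKED_MD5, WORDLIST)
    print(f"unsalted MD5: recovered {found} with {work} hash computations")
    salted = build_salted_records({"alice@example.gov": "password123"}, iterations=100_000)
    found, work = crack_salted(salted, WORDLIST)
    print(f"salted PBKDF2: recovered {found} with {work} x 100,000 HMAC computations")
```

The point of the comparison is the work figure, not whether a weak password is eventually found: with the unsalted dump, six hashes test six words against every account; with salted, iterated hashes the same wordlist has to be recomputed per account, and each of those computations is hundreds of thousands of times slower.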

Another issue is how the attacker got into the database. Nothing has been disclosed about the point of entry, but once a thorough investigation establishes it, Adobe should harden that path and the surrounding infrastructure to prevent similar attacks. That could take many forms, such as more extensive firewalling. The most effective step is network segmentation: a credential database should sit on a private network segment that only the application servers which need it can reach, and it should never be addressable directly from the internet. NAT can hide internal IP addresses from outsiders and makes the database harder to locate, but it is not a security boundary on its own and does nothing against an attacker who has already compromised an internet-facing application that is allowed to talk to the database.

The last issue is the reuse of the same username and password across multiple sites. This is a continuously growing problem, and there is no way to stop individuals from behaving this way (almost everyone is probably guilty). Promptly alerting individuals whose credentials have been compromised would be a good start, since it lets them change the password everywhere it was reused and assess whether any other confidential information has been accessed. Operators of other services can go a step further and check their own user base against a published dump, forcing a reset wherever the same password is in use and warning users whose email address appears in it.
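As an added example (not code from the original post or from Adobe), the check described above from the point of view of a different service whose users may have reused the leaked password. It assumes the service stores salted PBKDF2 hashes and that the third-party dump has already been cracked to plaintext, which is what an attacker running credential stuffing would hold. All addresses and passwords are constructed for the example.

```python
import hashlib
import hmac
import os

# Constructed: what an attacker would have after cracking the third-party dump
# (email -> recovered plaintext). Names are invented, not the leaked Adobe records.
CRACKED_THIRD_PARTY = {
    "alice@example.gov": "password123",
    "bob@example.gov": "letmein",
    "dave@example.gov": "hunter2",  # not a user of this service
}


def pbkdf2(password, salt, iterations=600_000):
    """Salted PBKDF2-HMAC-SHA256, as a service storing passwords properly would use."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def make_user_table(plaintexts, iterations=600_000):
    """Build this service's own user table (email -> (salt, iterations, digest))
    from constructed plaintexts. Only used to set up the example."""
    table = {}
    for email, pw in plaintexts.items():
        salt = os.urandom(16)
        table[email] = (salt, iterations, pbkdf2(pw, salt, iterations))
    return table


def find_reused_credentials(user_table, cracked):
    """Compare the cracked dump against our own users.

    Returns (reused, email_only): users whose password here equals the leaked
    one, and users whose email appears in the dump but whose password differs.
    The leaked plaintext is hashed with *our* salt and iteration count, so the
    stored digests never need to be reversed.
    """
    reused, email_only = [], []
    for email, leaked_pw in cracked.items():
        record = user_table.get(email)
        if record is None:
            continue
        salt, iters, dk = record
        if hmac.compare_digest(pbkdf2(leaked_pw, salt, iters), dk):
            reused.append(email)
        else:
            email_only.append(email)
    return reused, email_only


def response_actions(reused, email_only):
    """Map each affected account to the action the operator should take."""
    actions = {email: "force_reset_and_notify" for email in reused}
    actions.update({email: "notify_only" for email in email_only})
    return actions


if __name__ == "__main__":
    users = make_user_table(
        {"alice@example.gov": "password123",   # reused the leaked password
         "bob@example.gov": "Different!1",     # same email, different password
         "erin@example.gov": "unrelated-pw"},  # not in the dump
        iterations=100_000,
    )
    reused, email_only = find_reused_credentials(users, CRACKED_THIRD_PARTY)
    print(response_actions(reused, email_only))
```

Running the check server-side in this direction (hash the leaked plaintext under each user's own salt) means the service never has to weaken its own storage to perform the comparison, and the accounts that come back as reused are exactly the ones an attacker could log into with the dump.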